Lokcom is GDPR compliant
PURPOSE OF THIS POLICY
This Policy explains our approach to any personal information that we might collect from you using this website (the “Site”) and in other situations, and it elaborates upon our purposes for which we process your personal information. This Policy also sets out your rights regarding our processing of your personal information.
This Policy informs you of the nature of your personal information that is processed by us and how you can request that we delete, update, transfer, and/or provide you with access to it. This Policy is intended to assist you in making informed decisions when using the Site. This Policy complies with the standards set by Regulation (EU) 2016/79 on the “protection of natural persons with regard to the processing of personal data and the free movement of such data…and repealing Directive 95/46/EC (General Data Protection Regulation).”
For the purposes of this Policy, the term “Consumer” should be understood to mean any individual who is not a Lokcom employee and who has shared personal information with us via the Site or otherwise.
Please note that by using or accessing the Site, you signify your agreement to be bound by and to this Policy. If you do not agree to this Policy, you may not access or otherwise use the Site.
TYPE OF INFORMATION WE COLLECT
Personal information is information that identifies you as an individual. Categories of personal information we collect through this Site include:
· contact information (eg. name, physical address, telephone number, email address);
· information for hiring and human resources (eg. employment and education history, work eligibility status, date of birth, financial account information, government-issued identification information); and
WAYS OF OBTAINING PERSONAL DATA
We do not obtain any personal information about a Consumer unless that Consumer has given clear and unequivocal consent to allow us to do so through one of many channels, including but not limited to visiting our website, filling out a consent form or survey, or completing an on-line or hard copy form. Consumer consent is of the utmost importance to us, especially in regard to “special category” personal data, which is data considered sensitive such as race, ethnicity, politics, religion, health, genetics, trade union membership, biometrics for the purpose of identification, or sexual life or orientation. Special protection will be shown to this data, and it will only be processed if explicit consent is given for the processing of this data for a specified purpose. Consumers may choose to submit personal or private information by regular mail, e-mail, facsimile, electronic transmission over the Site, interoffice mail, or personal delivery as deemed applicable or appropriate for the situation.
HOW WE USE PERSONAL INFORMATION
Our primary goals in collecting personal information from you are to:
· verify your identity;
· help us improve our products and services and develop and market new products and services (e.g. if we see we have only B2B clients or B2B leads, then we will adapt our products/strategy to suit the B2B sector only);
· carry out requests made by you to us;
· investigate or settle inquiries or disputes;
· comply with any applicable law, court order, other judicial process, or the requirements of a regulator;
· enforce our agreements with you;
· protect the rights, property or safety of us or third parties, including our other clients and users of the Site; · provide support for the provision of our services (i.e. having user data help support our services so that we can reach users to provide them technical support or product updates); and · use as otherwise required or permitted by law.
Uses of Personal Information Collected Through This Site
The following describes how we use personal information that we collect through this Site:
Information we collect with respect to our clients and potential clients is used to enable us to respond to client requests, administer client accounts with us, conduct credit checks, and verify and carry out financial transactions for payments made to us.
Media and informational enquiries.
We may collect information for interviews requests, media questions, or requests for information about our company. We may also provide you with the opportunity to sign up for newsletters or receive copies of blogs and other information that we make available. Contact information may be requested in each case, together with details of other personal information that are relevant to these inquiries. This information is used in order to enable us to respond to your requests, media or otherwise.
Potential employees and service providers may provide us with information like resumes and related information to discover and apply for career opportunities. This information is used to enable us to review applications, respond to these requests, and make hiring decisions.
Other Uses of Personal Information
We may also collect information in other contexts besides just this Site based on our business relationship with you. That information may be used in the manner described above and in other ways, such as:
Surveys and voting.
We may collect personal information from you via surveys or voting polls. Participation is voluntary, and you have the choice to decide whether to disclose information. At times, you may have to register to vote or to take part in a survey; however, this information will only be used to report the results of the respective survey or vote.
We may conduct promotions, contests or giveaways, which may require that you register to enter. We collect personal information from you in order to conduct the promotion, contest, or giveaway and deliver prizes or notices accordingly. Participation in these events and providing us with your information are all voluntary.
We maintain information about journalists, talent, social media influencers, social media users, and other professionals in the public relations, news, or media industry. This information may be information that is voluntarily supplied to us by those individuals through our Site or in other situations, or it can be information that is public or available in third-party databases. We use this information to conduct business on our own behalf or on behalf of our clients. We make efforts to only use this information when necessary for our legitimate business interests.
We may provide interactive areas, such as message boards, chat rooms or other forums. Participation in these areas by users is voluntary. We strongly advise and warn you not to submit any information that may identify yourself personally when participating in these areas, as use of these public areas is not secure, and we cannot ensure that your information will be protected.
Marketing communications. We may carry out marketing activities using your personal information. We may send marketing information to you by mail or email. We may also provide you with information about media and public relations events. It may be necessary to mention the purpose of marketing communications at the point that we collect that information. We send this information and materials to you where you have consented to receive such information or materials or where we have another lawful basis to do so to the extent required by law.
We only use your personal information when the law allows us to. Most commonly, we use your personal information in situations where:
· we need to implement the contract we are about to enter or have entered into with you;
· it is necessary for our legitimate interests (or those of a third party), and your interests and fundamental rights do not override those interests;
· you have consented (through an appropriate medium) to a certain use of your personal information; or
· we need to comply with a legal or regulatory obligation.
To the extent permitted under applicable laws, we also process, transfer, disclose, and preserve personal information when we have a good faith belief that doing so is necessary.
In circumstances where we rely on consent, we ask for your consent at the point of collection. If we intend to further process your personal information, we may contact you to seek your consent for new purposes in cases where the situation requires it.
In instances where your personal information is completely anonymised, we do not require a legal basis to use it as according to Recital 26 of the General Data Protection Regulation (GDPR): “The principles of data protection should therefore not apply to anonymous information… to personal data rendered anonymous in such a manner that the data subject is not or no longer identifiable.” However, our collection and use of such anonymised personal information may be subject to other laws where your consent is required.
Please see the next section for information relating to our legal basis for using personal information for marketing purposes.
USE OF DATA FOR MARKETING PURPOSES
We may use your personal information to form a view on what we think you may want or need or what may be of interest to you. We may provide you with marketing information about our products and services that we feel may interest you if:
· you have consented to receiving marketing material from us at the point we collected your information (in accordance with law); or
· it is in our legitimate interests provided these interests do not override your right to object to such communications. In those cases, we believe that we have a legitimate interest in sending you marketing communications to provide you with the very best service we can offer and to optimise the benefits you receive from your business transactions with us. Moreover, this is permitted by the GDPR, as it asserts in Recital 47, “The processing of personal data for direct marketing purposes may be regarded as carried out for legitimate interest.”
We strive to provide you with choices regarding certain personal information uses, particularly around marketing and advertising, and we will use Google Analytics, Adwords, and Facebook and LinkedIn ads as well as retargeting to aid us in that effort. However, you absolutely have the choice to object and opt out of marketing communications, even in cases where we have a legitimate interest: for more information regarding that, please see the section entitled OPT-OUT AND UNWANTED COMMUNICATIONS. We will get your clear and unequivocal opt-in consent before we share your personal information with any company outside of Lokcom for marketing purposes.
COLLECTION FROM THIRD PARTIES
We also collect personal information about you from various third parties and public sources. We reserve the right to supplement your personal information with information we gather from other sources, which may include information we gather from online and offline sources.
PERSONAL INFORMATION OF CHILDREN We do not intend to or knowingly collect personal information from children.
SHARING OF INFORMATION
We do not sell your personal information to other companies, and we do not share it with other companies for them to use without your consent, except in connection with the sale or merger of Lokcom or the division or office responsible for the services. We may, from time to time, share your personal information with any of our group affiliates or agents, partners, or contractors who assist us in processing transactions, fulfilling requests for information, receiving and sending communications, updating marketing lists, analysing data, providing IT and other support services or in other tasks. Our agents, partners, and contractors will only use your information to the extent necessary to perform their respective functions. For instance, if the user pays for his/her order online, the payment would be processed by a third-party company (e.g. Mastercard), and we would then have to share his/her email and/or address. This does not mean we would be selling data to this third-party; however, if the third party requires the user’s data in order to complete a transaction on our platform, we would then in that case share the user’s data to this third party.
We may collect and use aggregated and non-personal information. We may share this aggregate information and non-personal information with unaffiliated third parties, such as business partners, manufacturers, distributors, and retailers, in a form in which the shared information be anonymised and thus will neither contain nor be linked to any personal information.
We may transmit personal information to locations outside the EEA and globally. Moreover, personal information might be sent to the following third parties in or outside the EEA:
· Selected Third Parties: We do not disclose to or share any personal information with any external entity or third party, except:
o travel professionals;
o clients in order to illustrate experience and qualifications for business purposes or promotion; or
o third party agents, partners, or contractors who assist us as described above under SHARING YOUR INFORMATION.
· Other Third Parties: We may be required to disclose certain personal information to other third parties for many reasons:
o as a matter of law (e.g. to tax and social security authorities);
o to protect our legal rights;
o in an emergency where the health or security of an employee is endangered (e.g. a fire); or
o to law enforcement authorities in accordance with the relevant legislation in the different EEA Member States including but not limited to legislation transposing EU/2016/1148 concerning measures for a high common level of security of network and information systems across the EU (the “Network Information Security Directive”).
Some countries outside of the EEA benefit from a decision issued by the European Commission, which states that they have an adequate level of data protection. To the extent that data is transferred outside the EEA to countries that do not benefit from such a decision, we have implemented appropriate safeguards to maintain an adequate level of data protection, including with regard to data subjects’ rights.
Therefore, we may transfer your personal information outside the EEA:
· in order to store it;
· in order to enable us to provide goods or services to you and fulfil our contract with you (this includes order fulfilment, processing of payment details, and the provision of support services);
· where we are legally required to do so; or
· in order to facilitate the operation of our group of businesses, where it is in our legitimate interests and we have concluded these are not overridden by your rights.
CONFIDENTIALTY AND SECURITY OF YOUR PERSONAL INFORMATION
We are committed to keeping the personal information you provide to us secure, and we take reasonable precautions to protect your personal information from loss, misuse, or alteration. To safeguard against unauthorised access to personal information by third parties outside our organisation, all electronic personal information held by us is maintained on systems that are protected by up-to-date secure network architectures that contain firewalls and intrusion detection devices. The data saved in servers is “backed up” (i.e. the data are recorded on separate media) to avoid the consequences of any inadvertent erasure, destruction, or loss otherwise. The servers are stored in facilities with high security as well
as fire detection and response systems, and access is protected from unauthorised personnel,. The location of these servers is known only to a limited number of our employees.
We have implemented information security policies, rules and technical measures to protect the personal information that we have under our control from:
· unauthorised access;
· improper use or disclosure;
· unauthorised modification; or
· unlawful destruction or accidental loss
All our employees and data processors (i.e. those who process your personal information on our behalf, for the purposes listed above) who have access to and are associated with the processing of personal information are obliged to respect the confidentiality of the personal information of all users of our services. Information regarding job applications is encrypted and transmitted in a secure way. You can verify this by looking for a closed lock icon at the bottom of your web browser or looking for “https” at the beginning of the URL. Only employees or third parties who need the information to process a specific request are granted access to personally identifiable information. ACCESSING YOUR DATA You have the right under certain circumstances:
· to see the personal information we hold about you;
· request your data be corrected or erased where applicable;
· to restrict the processing of your personal information while we investigate your concern;
· where processing is based on your consent, to receive your personal information in a commonly used electronic format;
· ask that we move your personal information in that format to another provider in situations where processing requires consent, where your request relates to the data that you gave us directly and where technically possible; and
· to withdraw your consent at any time when processing relies upon consent
Consumers have the right to be provided with information as to the nature of the personal information we store or process about them, and they have the right to request deletion or amendments. These requests can be made verbally or in writing at our contact information provided in the section below entitled ENFORCEMENT RIGHTS AND MECHANISMS. We typically respond within one month to such requests, which is within the bounds of the GDPR.
If access is denied, Consumers have the right to be informed about the reasons for denial. Consumers may use the dispute resolution described in the section entitled ENFORCEMENT RIGHTS AND MECHANISMS, as well as dispute resolution available through a competent regulatory body or authority. We handle, in a transparent and timely manner, any internal dispute resolution procedure relating to the collection and processing of personal information.
If any information is inaccurate or incomplete, a Consumer may request that data be amended. It is every person’s responsibility to provide us with accurate personal information and to inform us of any changes (e.g. new home address or change of name).
If a Consumer demonstrates that the purpose for which the data is being processed is no longer legal or appropriate, the data will be deleted, unless applicable law requires otherwise. Consumers also have the right to object to direct marketing, or in certain other cases, object to processing more generally.
To exercise these rights, please contact us using the information provided in the following section of this Policy.
ENFORCEMENT RIGHTS AND MECHANISMS
If you have any complaints regarding our privacy practices, you have the right to make a complaint at any time to your local supervisory authority. We would, however, appreciate the chance to deal with your concerns before you approach your supervisory authority, so please contact us in the first instance.
We ensure this Policy is observed and duly implemented. All persons who have access to personal information must comply with this Policy. Violations of the applicable data protection legislation in the EEA may lead to penalties and/or claims for damages.
If at any time you believe that your personal information has been processed in violation of this Policy or you have any inquires or complaints about the use or limitation of use of your personal information, you may contact:
Chairman and Co-founder
48 Gracechurch Street
London EC4V 0EJ
We are committed to cooperate with the different national EEA Data Protection Authorities (“DPAs”) and comply with their dispute resolution procedures in cases of complaints. We are also committed to complying with any regulations or guidelines that DPAs may issue from time to time in accordance with EEA and Member State data protection legislation. We undertake to register and/or keep our registration updated as a data controller and/or processor in all jurisdictions where we maintain entities in the EEA.
Please note that for you to assert these rights, we may need to verify your identity to confirm your right to access your personal information. This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. In order to verify your identity, we may need to gather more personal information from you than we currently have.
Where our use of your personal information requires your consent, you can provide such consent: · at the time we collect your personal information following the instructions provided (please see WAYS OR OBTAINING PERSONAL DATA for more information on how consent is obtained); or
· by informing us by e-mail, post, or phone using the contact details set out in this Policy.
Please note that if you specifically consent to additional uses of your personal information, we may use your personal information in a manner consistent with that consent. Furthermore, please keep in mind that even if you have previously given consent, you have the right to revoke it; please see OPT OUT AND UNWANTED COMMUNICATIONS for how to do so.
THIRD PARTY LINKS AND SERVICES
This Site contains links to third party websites and services. Please remember that when you use a link to go from our Site to another website or you request a service from a third party, this Policy no longer applies.
Your browsing and interaction on any other websites or your dealings with any other third-party service provider are subject to that website’s or third-party service provider’s own rules and policies. We do not monitor, control, or endorse the privacy practices of any third parties. This Site may integrate with social networking services. You must understand that we do not control such services and are not liable for the manner in which they operate. While we may provide you with the ability to use such services in connection with our Site, we are doing so merely as an accommodation and, like you, are relying upon those third-party service
This Policy does not apply to these third-party websites and third-party service providers.
We may place, or allow a third party to place, functional cookies to make a website easier to use, such as cookies that maintain a user’s session. However, we will obtain your clear and unequivocal consent at the relevant point of contact in order for us to use them, and you also have the right to revoke consent (see the OPT OUT AND UNWANTED COMMUNICATIONS section for more information). You can review your Internet browser settings to exercise choices you have for certain cookies. If you disable or delete certain cookies in your Internet browser settings, you might not be able to access or use important functions or features of this Site, and you may be required to re-enter your log-in details.
For purposes of EU data protection law, the data controller of the personal information that we control is described in this Policy which processes the personal information.
We respond diligently and appropriately to requests from DPAs about this Policy or compliance with applicable data protection privacy laws and regulations. Our employees who receive such requests should contact their human resources manager or business legal counsel. Upon request, we provide DPAs with names and contact details of relevant persons. With regard to transfers of personal information between our entities, the importing and exporting entities (1) cooperate with enquiries from the DPA responsible for the entity exporting the data and (2) respect its decisions, consistent with applicable law and due process rights. With regard to transfers of data to third parties, we comply with DPAs’ decisions relating to it and cooperate with all DPAs in accordance with applicable legislation.
OPT OUT AND UNWANTED COMMUNICATIONS To opt-out of any future promotional or marketing communications or any other communications from us, you should send a request to us at the contact information listed in the section entitled ENFORCEMENT RIGHTS AND MECHANISMS. We process your request within a reasonable time after receipt. Please note that if you opt out in this manner, certain aspects of this Site may no longer be available to you.
HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION?
We retain personal information only for as long as is necessary for the purposes described in this policy, after which it is deleted from our systems.
MODIFICATIONS TO THE POLICY
We reserve the right to modify this Policy as needed, for example, to comply with changes in laws, regulations, or requirements introduced by DPAs. Changes must be approved by our privacy points of contact, the office of the corporate legal department, or their designees who seek input as they reasonably deem appropriate from corporate executives for the amended Policy to enter into force. If we make changes to the Policy, this amended Policy will be submitted for renewed approval according to the relevant applicable provisions of the law. We will inform Consumers of any material changes in the Policy and post all changes to the Policy on relevant internal and external websites.
Effective with the implementation of this Policy, all existing and applicable EU company privacy guidelines relating to the collection and/or processing of personal information will, where in conflict, be superseded by the terms of this Policy. No other internal policy that conflicts with this Policy shall be applicable with respect to the protection of personal information handled by us in the EU. We encourage you to review this Policy periodically to be informed of how we use your personal information.
© 2019 Lokcom